Public-Private Partnerships in the Netherlands Gijs Peeters, - - PowerPoint PPT Presentation

public private partnerships in the netherlands
SMART_READER_LITE
LIVE PREVIEW

Public-Private Partnerships in the Netherlands Gijs Peeters, - - PowerPoint PPT Presentation

May 02, 2023 215 likes •389 views

Public-Private Partnerships in the Netherlands Gijs Peeters, National Cyber Security Centre (NCSC-NL) Advisor International Relations & PPPs 29 January 2019 ENISA NLO Meeting Public-Private Partnerships in the Netherlands Strengthening

slide-1
SLIDE 1

Public-Private Partnerships in the Netherlands

Gijs Peeters, National Cyber Security Centre (NCSC-NL) Advisor International Relations & PPPs

29 January 2019 ENISA NLO Meeting

slide-2
SLIDE 2

Public-Private Partnerships in the Netherlands

Strengthening our digital resilience together

Gijs Peeters Advisor International Relations & PPPs NCSC-NL

PPPs in the Netherlands | 29-01-2019

slide-3
SLIDE 3

Content

  • PPP: the Dutch way
  • Ambition: a nationwide network of partnerships

›ISAC’s ›CSIRT’s ›Regional ecosystems

  • Challenges
  • Role of ENISA in stimulating PPPs

PPPs in the Netherlands | 29-01-2019

slide-4
SLIDE 4

PPP – the Dutch approach

Trust = Value

Resilience potential Collective resilience capacity Individual resilience capacity Resilience potential Individual resilience capacity

PPPs in the Netherlands | 29-01-2019

slide-5
SLIDE 5

National Cyber Security Agenda

“A nationwide network of cybersecurity partnerships will be created within which information about cybersecurity can be shared between public and private parties more widely, effeciently and effectively. The aim of this network is to strengthen the capabilities of public and private parties.”

PPPs in the Netherlands | 29-01-2019

slide-6
SLIDE 6

A nationwide network of cybersecurity partnerships ISAC’s

Tactical information exchange

NCSC AIVD

Public sector

PPS THTC DTC MoD

  • Chair and co-chair from sector
  • Sector in the lead, NCSC faciltates ISACs and

brings in expertise (2 roles)

PPPs in the Netherlands | 29-01-2019

slide-7
SLIDE 7

How to set up an ISAC?

PPPs in the Netherlands | 29-01-2019

slide-8
SLIDE 8

Further growth of an ISAC?

PPPs in the Netherlands | 29-01-2019

slide-9
SLIDE 9

Baseline Information sharing Analysis Action

L3 L2 L1 L0

Capability cluster: Baseline Generic Cooperation Capability cluster: Information Sharing ISAC core capability Capability cluster: Analysis ISAC core capability Capability cluster: Action Suggested capability

PPPs in the Netherlands | 29-01-2019

slide-10
SLIDE 10

L3 L2 L1 L0

Level 0: ad hoc working, individual benefits, implicit sectoral and societal benefits Level 1: structured working, explicit individual and collective benefits Level 2: purposeful working, ISAC operates as one, explicit sectoral benefits Level 3: mature, holistic working, ISAC’s cooperate, explicit societal benefits

Baseline Information sharing Analysis Action

PPPs in the Netherlands | 29-01-2019

slide-11
SLIDE 11

Baseline Information sharing Analysis Action

L3 L2 L1 L0

Strategy & planning Support for common goal of ISAC In-kind contributions Strategy & planning Development and action plan (short-term) Benchmark Ad-hoc co- financing Strategy & planning Shared R&D Medium-term Roadmap Structural budget Strategy & planning ISAC mandated to act by C-level Long-term Roadmap Communication Way of working Membership guidelines TLP (Co)chair, NCSC secretary and representatives Way of working NCSC Account holder Rules of Engagement, competencies and training Way of working NCSC/CERT Analyst Way of working Composition as required by agenda SOPs Advanced agreements Information structure: Information sharing between ISAC members Information structure: Information sharing with

  • perational and

strategic levels Information structure: Norms and templates for information sharing (also beyond ISACs) Information structure: Information sharing standards and protocols (e.g. STIX and TAXII) Information management: Free-format, ad hoc Information management: Structured data collection and reporting Information management: Information Sharing Platform Information management: Automatic data collection & reporting (e.g. CTI) Situational awareness: Individual ISAC members and NCSC Situational awareness: From qualitative to quantitative Cross-sectoral and national situational awareness Situational awareness: Sectoral situational awareness report Situational awareness: Predictive analysis International situational awareness Lessons learned: Incident analysis Lessons learned: Cross-sectoral learning (ambering) Supply chain learning (greening) Lessons learned: Trend analysis Lessons learned: Strategic forecasting International sharing of lessons learned Follow-up & actions: Focussed on individual resilience Follow-up & actions: Focussed on sectoral resilience (e.g. collaborative procurement) Follow-up & actions: Focussed on public resilience (e.g. joint statements) Follow-up & actions: Bilateral initiatives (e.g. shared research, supply chain analysis) Annual bulletin

slide-12
SLIDE 12

Network of CERTs

Operational information exchange

Network of CERT’s

Public sector

DTC THTC NCSC AIVD OM MIVD /DCC

slide-13
SLIDE 13

Regional ecosystems

FERM CYSSEC

Expertise and advise

Public sector

NCSC DTC

slide-14
SLIDE 14

A nationwide network of cybersecurity partnerships

Tactical information

ISAC’s

Operational information

CERT’s

Regional Ecosystems Expertise and advise

Public sector

PPPs in the Netherlands | 29-01-2019

slide-15
SLIDE 15

ENISA and PPPs

  • We welcome support of ENISA for ISACs,;
  • Important to connect to existing structures;
  • (European) ISACs are not a goal in itself;
  • We would like to invite ENISA to also support MS in setting up

national PPP structures.

PPPs in the Netherlands | 29-01-2019

slide-16
SLIDE 16

Thank you, questions?

Gijs.peeters@ncsc.nl

PPPs in the Netherlands | 29-01-2019